Skype security flaw leads to hijacked accounts
Almost 30 million people use Skype every day
The VoIP communications-service Skype has had to suspend its password reset function after it was found that a security flaw made it possible to hijack user accounts.
Skype’s developers, Microsoft, have updated the password-resetting capabilities and will fix a flaw that reportedly has made the feature vulnerable to account-takeover attacks that were trivial to carry out. It has been reported that this security flaw was originally exposed on a Russian forum some months ago.
Also liable to hijacking are answerphone messages, old text messages and conversations, as well as sensitive user details.
A Skype spokesman said: "Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website."
The hijacking issue has affected users who are registered to multiple Skype accounts with the same email address. Skype’s spokesman said: “We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly."
Skype is also calling upon a small number of its users who have been affected to assist in the recovery. The spokesperson added: “Skype is committed to providing a safe and secure communications experience to our users and we apologise for the inconvenience."
The latest security flaw follows news last month that the company could distribute malware via its instant message tool.
It proves an embarrassing development for the Microsoft-owned company as they have been attempting to encourage their Windows Live Messengers to make the move to Skype. Microsoft hopes to retire Windows Live Messenger in all countries bar China by March 2013.
"How do we balance security with civil liberties and privacy in today's high-tech but violent world? Can our private lives remain truly private?"
- New search engine more efficient than Google
- Ringing the changes: 30 years of mobiles with Vodafone UK
- Linux makers update software to stop ‘Ghost’ cyber threat
- Global Calculator: high life and climate change can co-exist
- Partners of big data research institute named after Turing announced
- ‘Fracking village’ goes solar
- What to Specialise in Electronics Engineering?? [03:02 am 03/04/14]
- Britain to have just one remaining coal pit by the end of 2015 [01:11 am 03/04/14]
- LV Generator Star point earthing - UK [08:35 pm 02/04/14]
- East West Rail - the Oxford to Bedford route [07:33 pm 02/04/14]
- Small nuclear power [06:06 pm 02/04/14]
The essential source of engineering products and suppliers.